request_signing-ssm 0.1.0.pre1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/request_signing/ssm.rb +106 -0
  3. metadata +74 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 908914d41f65aa955d890a6012924e46d27dcedd
4
+ data.tar.gz: 13d3d06c607334784a485e7b39689d831c44b570
5
+ SHA512:
6
+ metadata.gz: d08cef5320b59cde2f59308e042f9de916569f3298b20a4b06d371eb45bafce73119574e8fed87835bb44330e4827edfe2f65e620eaaa781c890f3ac38f699ec
7
+ data.tar.gz: 75505b6d532b733faf3964c925217f26a373c71bd9828646758c87ad7f2f72cb8c3d4200b9b8608b33e4656a2127b46508f858cb5d5375d264dec041674ad067
data/lib/request_signing/ssm.rb ADDED
@@ -0,0 +1,106 @@
1
+ require "aws-sdk-ssm"
2
+ require "request_signing"
3
+
4
+ module RequestSigning
5
+ module KeyStores
6
+
7
+ # AWS SSM-backed key store implementation
8
+ # @see RequestSigning::Signer
9
+ # @see RequestSigning::Verifier
10
+ # @see http://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-paramstore.html
11
+ class SSM
12
+
13
+ ##
14
+ # Makes a new instance of {RequestSigning::KeyStores::SSM}
15
+ #
16
+ # @param ssm_client [Aws::SSM::Client] an instance of configured SSM client
17
+ # @param path [String] path prefix for SSM GetParametersByPath operation
18
+ #
19
+ # @return [RequestSigning::KeyStores::SSM]
20
+ #
21
+ # @see http://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/SSM/Client.html#get_parameters_by_path-instance_method
22
+ ##
23
+ def self.with_ssm_path(ssm_client:, path:)
24
+ ssm_options = {
25
+ path: path,
26
+ recursive: false,
27
+ with_decryption: true
28
+ }
29
+ new(ssm_client: ssm_client, ssm_options: ssm_options)
30
+ end
31
+
32
+ ##
33
+ # Makes a new instance of {RequestSigning::KeyStores::SSM}
34
+ #
35
+ # @param ssm_client [Aws::SSM::Client] an instance of configured SSM client
36
+ # @param ssm_options [Hash] custom parameters for SSM GetParametersByPath operation
37
+ #
38
+ # @return [RequestSigning::KeyStores::SSM]
39
+ #
40
+ # @see http://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/SSM/Client.html#get_parameters_by_path-instance_method
41
+ ##
42
+ def self.with_ssm_options(ssm_client:, ssm_options:)
43
+ new(ssm_client: ssm_client, ssm_options: ssm_options)
44
+ end
45
+
46
+ def initialize(ssm_client:, ssm_options:)
47
+ @ssm_client = ssm_client
48
+ @ssm_options = ssm_options
49
+ @loaded = false
50
+ @keys = {}
51
+ end
52
+
53
+ # @param key_id [String] id of the key to retrieve
54
+ #
55
+ # @return [String] key contents
56
+ #
57
+ # @raise [RequestSigning::KeyNotFound] when requested key is not found
58
+ # @raise [Aws::SSM::Errors::ServiceError] when keys were not eager loaded and loading fails
59
+ def fetch(key_id)
60
+ load! unless loaded?
61
+ @keys.fetch(key_id)
62
+ rescue KeyError
63
+ raise KeyNotFound, key_id
64
+ end
65
+
66
+ # @param key_id [String] id of the key
67
+ #
68
+ # @return true if store knows this key
69
+ # @return false if store does not recognize the key
70
+ #
71
+ # @raise [Aws::SSM::Errors::ServiceError] when keys were not eager loaded and loading fails
72
+ def key?(key_id)
73
+ load! unless loaded?
74
+ @keys.key?(key_id)
75
+ end
76
+
77
+ # Eager loads the keys
78
+ #
79
+ # @raise [Aws::SSM::Errors::ServiceError]
80
+ def load!
81
+ return if loaded?
82
+
83
+ keys = {}
84
+ next_token = nil
85
+ loop do
86
+ params = @ssm_options.merge(next_token: next_token)
87
+ response = @ssm_client.get_parameters_by_path(params)
88
+ response.parameters.each do |p|
89
+ keys[p.name] = p.value
90
+ end
91
+ next_token = String(response.next_token)
92
+ break if next_token.empty?
93
+ end
94
+
95
+ @keys = keys
96
+ @loaded = true
97
+ end
98
+
99
+ def loaded?
100
+ !!@loaded
101
+ end
102
+ end
103
+
104
+ end
105
+ end
106
+
metadata ADDED
@@ -0,0 +1,74 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: request_signing-ssm
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0.pre1
5
+ platform: ruby
6
+ authors:
7
+ - Vlad Yarotsky
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2017-10-27 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: request_signing
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '='
18
+ - !ruby/object:Gem::Version
19
+ version: 0.1.0.pre1
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '='
25
+ - !ruby/object:Gem::Version
26
+ version: 0.1.0.pre1
27
+ - !ruby/object:Gem::Dependency
28
+ name: aws-sdk-ssm
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1'
41
+ description: AWS SSM key store for request_signing gem
42
+ email:
43
+ - vlad@remind101.com
44
+ executables: []
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - lib/request_signing/ssm.rb
49
+ homepage: https://github.com/remind101/request_signing
50
+ licenses:
51
+ - MIT
52
+ metadata:
53
+ yard.run: yri
54
+ post_install_message:
55
+ rdoc_options: []
56
+ require_paths:
57
+ - lib
58
+ required_ruby_version: !ruby/object:Gem::Requirement
59
+ requirements:
60
+ - - ">="
61
+ - !ruby/object:Gem::Version
62
+ version: '0'
63
+ required_rubygems_version: !ruby/object:Gem::Requirement
64
+ requirements:
65
+ - - ">"
66
+ - !ruby/object:Gem::Version
67
+ version: 1.3.1
68
+ requirements: []
69
+ rubyforge_project:
70
+ rubygems_version: 2.6.8
71
+ signing_key:
72
+ specification_version: 4
73
+ summary: AWS SSM key store for request_signing gem
74
+ test_files: []